1. My parents' Windows machine got infected with a very hard-to-get-rid-of virus that turned their machine, which was no server at all, into an SMTP machine, and used it for massive mail operations.
2. When I was a checker for Wikipedia, I could check the IP of registered users who violated Wikipedia rules (vandalized pages - in particular, placed the Nazi flag in Jewish pages). I tried to trace the machine they were using, and file a complaint (or enable others to file a complaint) to the relevant body: the ISP (in case of a home connection) or the company whose machine it was. In some of the cases, the vandalizer used compromised machines - machines that were known to vandalizers to be open for such use. On Mon, May 14, 2012 at 3:20 AM, Eli Billauer <[email protected]> wrote: > ** > Indeed, it's wise to have the firewall up. > > But what I tried to figure out, was if something real actually happened to > someone. Port scanning is indeed unpleasant to watch if you're unprotected, > but would something really happen if you dropped your firewall? Would > whoever scanned those ports attack a Linux computer? > > Not that I volunteer to try that out myself. And still. > > > On 05/14/2012 02:58 AM, guy keren wrote: > > > at least in the past - the risk was real. > > when i first connected my computer to the internet via ADSL, and set up > firewall rules - i was surprised to see that i get many (hundreads) of > failed network connections from around the world. > > what people do, is run software that scans complete address (IP) ranges, > and attempt to find exploitable services on them. > > the solution, on my part, was to close down everything i could at the > firewall level, and try to keep the open services (e.g. the kernel itself, > ssh server, etc) updated. keeping things updated was annoying with redhat - > specifically the distribution updates - and is one of the reasons i > switched to ubuntu. i tend to keep to the LTS (long term support - 3 years) > versions of ubuntu - and try to be in long delay after the latest > distributions - after having the diss-pleasure of upgrading too early to > 8.04 (or something). > > --guy > > On 05/14/2012 12:45 AM, Eli Billauer wrote: > > Hi, > > Since my not-so-updated software versions became an issue in itself > (somehow I always get that) I wondered: Leave alone the unpleasant > feeling of knowing your computer *could* be exploited, are there any > real cases of attacks against personal, non-server Linux machines? The > need to protect a server or a shared machine is obvious. But when it > comes to a personal computer, is there any real life justification to be > anything else than completely indifferent to those risks? Or can we in > fact take a kibbutz approach of leaving the door open, knowing that we > may invite someone to break in, but that doesn't really happen? > > This is not a question about what can happen, but what really does. > > And just to wrap up the original subject: I was reluctant to try > mail-notification, because my mail filters move around the mails as they > arrive. So I suspected things would get messy using a tool that > apparently polls the mail box files directly. > > Anyhow, my solution ended up to be the Gnome Integration add on. I also > installed Mail Tweak, which among others allowed me to set HTML + Plain > text as the default outgoing mail format. > > Eli > > > > -- > Web: http://www.billauer.co.il > > > _______________________________________________ > Haifux mailing list > [email protected] > http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux > > -- Orna Agmon Ben-Yehuda. http://ladypine.org
_______________________________________________ Haifux mailing list [email protected] http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux
